CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
69.2%
Severity: High
Date : 2017-11-01
CVE-ID : CVE-2017-14685 CVE-2017-14686 CVE-2017-14687 CVE-2017-15587
Package : mupdf
Type : arbitrary code execution
Remote : No
Link : https://security.archlinux.org/AVG-458
The package mupdf before version 1.11-5 is vulnerable to arbitrary code
execution.
Upgrade to 1.11-5.
The problems have been fixed upstream but no release is available yet.
None.
Artifex MuPDF 1.11 allows attackers to cause a denial of service or
possibly have unspecified other impact via a crafted .xps file. This
occurs because xps_load_links_in_glyphs in xps/xps-link.c does not
verify that an xps font could be loaded.
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause
a denial of service via a crafted .xps file. This occurs because
read_zip_dir_imp in fitz/unzip.c does not check whether size fields in
a ZIP entry are negative numbers.
Artifex MuPDF 1.11 allows attackers to cause a denial of service or
possibly have unspecified other impact via a crafted .xps file. This
occurs because of mishandling of XML tag name comparisons.
An integer overflow leading to an out-of-bounds wrte has been found in
mupdf <= 1.11. The parsing of a crafted PDF might allow an attacker to
write controlled data to an arbitrary location in memory when
performing truncated xref checks.
An attacker is able to execute arbitrary code on the affected host by
providing a maliciously-crafted .xps or .pdf file.
http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=ab1a420613dec93c686acbee2c165274e922f82a
https://bugs.ghostscript.com/show_bug.cgi?id=698539
http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1
https://bugs.ghostscript.com/show_bug.cgi?id=698540
http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28
https://bugs.ghostscript.com/show_bug.cgi?id=698558
https://nandynarwhals.org/CVE-2017-15587/
http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=82df2631d7d0446b206ea6b434ea609b6c28b0e8
https://security.archlinux.org/CVE-2017-14685
https://security.archlinux.org/CVE-2017-14686
https://security.archlinux.org/CVE-2017-14687
https://security.archlinux.org/CVE-2017-15587
git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1
git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28
git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=82df2631d7d0446b206ea6b434ea609b6c28b0e8
git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=ab1a420613dec93c686acbee2c165274e922f82a
bugs.ghostscript.com/show_bug.cgi?id=698539
bugs.ghostscript.com/show_bug.cgi?id=698540
bugs.ghostscript.com/show_bug.cgi?id=698558
nandynarwhals.org/CVE-2017-15587/
security.archlinux.org/AVG-458
security.archlinux.org/CVE-2017-14685
security.archlinux.org/CVE-2017-14686
security.archlinux.org/CVE-2017-14687
security.archlinux.org/CVE-2017-15587
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
69.2%